Hannele Äijälä

Register and privacy statement

Thank you for visiting my website. I have committed to protect the privacy of my website visitors and customers. In this privacy statement I explain how I process your personal data, for what purposes it is collected and how you can influence the processing of your personal data. Please don’t hesitate to contact me if you have any questions concerning the processing of your data. 

Hannele Äijälä, 20 Oct 2022


Hannele Äijälä

Address: Peltolantie 30 b 21, 01300 Vantaa, Finland

Business ID: 2979226-7

Contact details

E-mail: hannele.aijala@gmail.com

Tel: +358 (0) 40 7366 209

names of the registers

  • Customer register 
  • Webstore customer register

Legal basis for processing your personal data

Your personal data is not used for automated decisions or profiling.


Processing of your personal data is based on a contract when I execute an assignment for you and we have an agreement or when you make an order from my webshop.


When you visit my website, processing of your data is based on consent. When entering my webpage, you may choose if you accept the cookies.

Legitimate interest

Processing of your personal data is based on legitimate interest, when I process your data for marketing or business analyzing/development purposes or if the customer relationship has been formed before the contract.

Legal obligation

Processing of your personal data is based on legal obligation when I fulfill my company’s legal obligations, such as accounting.

For what purposes your personal data is collected

I am only collecting your personal data for the purposes described below:

  • Processing webstore orders, payments and deliveries
  • Making agreements
  • Customer communication
  • Developing the website and improve its usability
  • Improving customer experience
  • Managing customer relations
  • Marketing
  • Business analyzing and development
  • Legal obligations such as accounting

What kind of personal data is collected and how long it is stored

Data collected for the customer register

I have a register where I collect data about my past, existing and potential customers. In most cases I receive the processed data directly from you and through our communication. In case of potential customers, I may discover the collected data indirectly through different sources described in more detail in chapter *Regular data sources/services used for collecting and processing data. The customer register exists for following purposes: customer communication, managing customer relations, marketing and legal obligations. Below I give examples which data can be collected for the register:

  • First and last name, possible company name, business ID, industry, name of the contact person and his/her position, invoicing and payment address, address, e-mail address, telephone number, www-address, information about the ordered service, invoice history, agreement, other possible important documents /information about the assignment or customer relationship.

Personal data shall be processed and stored for as long as it is required depending on the purpose they have been collected for. In order to fulfill my legal retention obligations, the order and invoice history will be stored from 6 to 10 years, depending on the document. I will store agreements of completed design assignments as long as it is needed, depending on their nature, possibly for as long as my company exists.

Data collected for the webstore customer register

If you want to order products from my webstore, I will need your personal data in order to process and deliver the order. Information is necessary in order to make a contract. I am collecting following data:

  • Contact information: Your first and last name, possible company name and business ID, address and delivery address, telephone number, e-mail address. 
  • Payment information: During the payment process I will need to process your payment address. 
  • Order and invoice history: For legal reasons such as accounting and consumer protection, I will collect the purchasing and invoice history. 

Personal data shall be processed and stored for as long as it is required depending on the purpose they have been collected for. In order to fulfill my legal retention obligations, the order and invoice history will be stored from 6 to 10 years, depending on a document.

Visitor usage data

I am monitoring web traffic on my website in order to develop my website and its usability, improve the customer experience, to market and analyze my business. Following usage data can be processed:

  • Online behavior: I have access to monitor actions on my website such as visited pages, information on how and from where the visitor arrives on my website or time spent on an individual page.
  • Device information: I am able to see the data such as used browser, device category, operating system, geographical location (limited to country or city) or language settings.
  • Company names: I am able to track the names of the companies that visit my website.

In the next chapter below, I will provide you with a list of services/softwares I use in order to process and receive the data.  

Regular data sources/services used for collecting and processing data

I am processing and collecting data by using following external services:

  • WordPress: A content management system that allows me to build and maintain my website. 
  • Google Analytics: Web analytics service that provides statistics and basic analytical tools for search engine optimization and marketing purposes. The service uses cookies to collect information and reports site usage statistics to me without personally identifying individual visitors.  
  • Leadfeeder: (basic, limited version) Service for tracking and identifying website’s company visitors. The service can be used for marketing purposes. The software uses cookies to collect the user’s data and reports it to the website’s owner (me).   
  • Social media platforms: I may collect personal data from the different social media platforms I use: Instagram, LinkedIn, Facebook, Pinterest.
  • Cloud services: I may use cloud services for saving the collected data.

I may also collect and process personal data in the following ways:

  • via e-mail, phone
  • contracts, other documents
  • meetings and other situations where the customer is giving personal data
  • public sources such as websites etc.

Transfer of your personal data

I will not transfer your personal data to a third party unless it is necessary. Below I explain the situations where your personal data can be transferred to a third party:

  • Delivering shop order: In case you make an order from my webshop, I will need to transfer your contact info (such as name, delivery address, phone number) to a logistics company in order to implement the delivery.    
  • Transferring files: In case you have ordered a design assignment from me, I may need to use an external file sharing software in order to provide the final work to you. In this case I need to transfer your email address to a file sharing software.
  • Legal obligations: I may need to transfer your data to authorities based on law or regulations, for instance in case of an audit.

Transfers of personal data out of the European Economic Area (EEA)

I process your data within the EU and EEA as much as possible, but I may use softwares/services which are located or storing the data in countries outside of the European Economic Area. Transferring your data outside of the EU/EEA shall be handled by appropriate safeguards.

Using Cookies

Cookies are small files used by websites to store temporary information in users’ browsers. My website uses cookies in order to function properly in the way that I can enhance the user experience. My website also uses cookies that collect usage data and exist for analyzing and marketing purposes.

Protection of personal data

I have taken careful and appropriate technical safeguards in order to protect your personal data against loss or other forms of unlawful processing.

Data subject’s rights

As a data subject you have following rights:

  • Right of access: You have a right to inspect which information I have collected about you.
  • Right to rectification: You have a right to ask me to correct or complete your incorrect/inadequate data.
  • Right to erasure: You have a right to ask me to erase your personal data from the register. In this case I will erase your personal data unless I have a legal obligation to retain that data. 
  • Right to restriction of processing: In certain cases, you have a right to ask me to restrict processing your data. For example if the data is no longer correct, the processing is unlawful or I no longer need your data.
  • Right to data portability: You have the right to receive the personal data that you have provided to me in a structured, commonly used and machine-readable format and, if you want, transmit the data to another controller.
  • Right to object: In some situations, you have the right to object to the processing of your data and to request me not to process your data at all. For example you can use your right to object to direct marketing.
  • Right to withdraw consent: In the case where I have obtained your data based on your consent, you have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing the data before its withdrawal.
  • Right to complaint: In the case that you feel that I have processed your personal data unlawfully, you have a right to make a complaint to a local supervisory authority.

If you want to use any of your rights listed above, please send your request via email to hannele.aijala@gmail.com or by letter to Hannele Äijälä, Peltolantie 30 B 21, 01300 Vantaa, FinlandIf necessary, I may ask you to prove your identity. I will respond to you as soon as possible, yet within the time stipulated in the EU data protection regulation (generally within a month).

Changes to this register and privacy statement

If I make any changes into this privacy statement, I will update the date at the top of this statement.